Sign up for our weekly security newsletter

E-Mail Wishing Merry Christmas To Heroes Installs Trojan Horse

The latest feather in the caps of hackers is that they have modified a PowerPoint file to install a malevolent code to illegally access the compromised systems, warned iDefense on December 24, 2006. The ppt file, while professing to support the troops incorporates a Trojan.

IDefense warned in an e-mail that the mail with subject line "Merry Christmas to our hero sons and daughters!" and an attachment file "Christmas+Blessings-4ppt." Stealthily incorporates a backdoor Trojan on susceptible computers. As per Ken Dunham, Director, Rapid Response Team, iDefense, this edition of the Hupigeon (or Hupigon) Trojan establish itself on a compromised machine.

Dunham informed that a distant Website employed in this strike has been found on a server in China.

Dunham wrote in the mail that detailed information regarding the ppt exploit is not clear yet, but few detectors have detected it as MS06-012 exploit. Such MS Office exploits can permit distant implementation of commands on compromised systems.

Marc Maiffret, Chief Technology Officer, eEye Digital Security Inc., said earlier in December 2006 that strikes of MS Office software have been increasing from the past few months. He added that office susceptibilities were once launched on a monthly basis.

Now the strikes have become a routine activity. So, it should be remembered that as several viruses imitates e-mail addresses in a compromised system's contact list, don't open any attachment without employing an updated AV program to scan them, even if the sender is a known person.

IDefense clearly indicates that this phase is of malware evolution is new and quite dangerous. It's no more a adventure-game of fame-seeking teenage malware authors of 80's and 90's, a real world, may be illegal, has developed for malevolent codes. Today, hackers have brushed up their skills to grab every business opportunity for their benefit.